Posted by Virus Bulletin on Nov 23, 2006
FTC reduces punishment for crooks 'unable to pay'.
Two spyware operations have settled lawsuits brought against them by the Federal Trade Commission (FTC) at a huge discount. The defendants claimed they were unable to afford the original fines levied against them by the judgement, and had the punishments reduced - from $1.75 million to $10,000 in one case and from $1.85 million to $40,000 in another.
The defendants in the first case, Odysseus Marketing and its head Walter Rines, pushed their spyware and adware software posing as free tools, including a non-existent Kazaa-like peer-to-peer file-sharing system called Kazanon. The spyware not only gathered browsing data used to target pop-up ad campaigns, but also reaped other personal details, including names, addresses and phone numbers, useful for more traditional junk marketing techniques. As well as being requested to destroy any information they still had on record, and being barred from future fraud and malware use, they were initially ordered to pay a $1.75 million settlement, which was eventually commuted to $10,000 after the defendants showed they didn't have the money.
The other case featured John Robert Martinson, head of companies including MailWiper, SpyWiper and SpyDeleter, which used an affiliate to spread their 'rogue spyware' products, informing owners of infected machines that they were infected and effectively blackmailing them into paying for and installing 'removal' software, which was, in fact, yet more spyware. Martinson was also barred from future fraud, including exploiting software vulnerabilities and installing to or altering people's computers without consent. The $1.86 million judgement against him was suspended, except for $40,000, again due to inability to afford the original fine. The affiliate, renowned spammer Stanford Wallace, was earlier charged over $4 million for his part in the scam.
'This is little more than a slap on the wrist for these crooks,' said John Hawes, Technical Consultant at Virus Bulletin. 'Spyware and adware pushers can rake in vast sums for their crimes, so either these guys were totally incompetent or they've stashed the cash in their mums' basements. These civil cases can only be a deterrent to criminals if appropriate fines are levied - the rogue spyware scam is a particularly nasty psychological attack on the victims, it would be far better if this sort of crime were treated like other kinds of intrusion and blackmail and resulted in a real punishment, like jail time.'
The full fines will come into force if the court finds the defendants have been concealing funds. Detailed legal papers on the case are available from the FTC's website, here, with its statement on the settlement here.
Posted on 23 November 2006 by Virus Bulletin
